1 Shop: Inurl Index Php Id
def _report_vulnerability(self, vuln_type, url): self.vulnerabilities.append('type': vuln_type, 'url': url) print(f"[⚠] VULNERABILITY: vuln_type at url") if name == " main ": # Example URL pattern from search target_url = "http://test-shop.com/index.php?id=1"
# Export to CSV import csv with open('shop_audit_report.csv', 'w', newline='', encoding='utf-8') as f: writer = csv.DictWriter(f, fieldnames=['url', 'title', 'price', 'description']) writer.writeheader() writer.writerows(auditor.products)
This transforms a simple search pattern into a powerful, actionable security and data extraction tool. inurl index php id 1 shop
def _extract_title(self, soup):
    """Return the page title text, falling back to the first ``<h1>``.

    Args:
        soup: a parsed document exposing ``find`` (BeautifulSoup-style),
            whose returned nodes expose ``get_text``.

    Returns:
        The whitespace-stripped text of the ``<title>`` element; if that
        lookup yields nothing truthy, the text of the first ``<h1>``; and
        the literal ``"N/A"`` when neither lookup yields a truthy node.
    """
    # Same precedence as `find('title') or find('h1')`: the second lookup
    # runs only when the first one comes back falsy.
    for tag_name in ('title', 'h1'):
        node = soup.find(tag_name)
        if node:
            return node.get_text(strip=True)
    return "N/A"
def crawl_ids(self, base_url, start=1, end=100): """Crawl through ID range to find valid pages""" parsed = urlparse(base_url) query_params = parse_qs(parsed.query) if 'id' not in query_params: print("[!] No 'id' parameter found in URL") return [] valid_urls = [] for i in range(start, end + 1): test_url = base_url.replace(f"id=query_params['id'][0]", f"id=i") try: response = self.session.get(test_url, timeout=5) if response.status_code == 200: # Check if it's a valid product page (not a 404/redirect) if "product" in response.text.lower() or "price" in response.text.lower(): valid_urls.append(test_url) print(f"[+] Valid product ID found: i") # Extract data immediately self.extract_product_info(test_url) self.test_sql_injection(test_url) self.test_idor(test_url) time.sleep(self.delay) # Be respectful to the server except Exception as e: print(f"[-] ID i failed: e") return valid_urls def _report_vulnerability(self, vuln_type, url): self
# Generate final report print(auditor.generate_report())
auditor = SmartShopAuditor(target_url, delay=0.5) url): self.vulnerabilities.append('type': vuln_type
print(""" ╔══════════════════════════════════════════╗ ║ Shop Security Auditor & Data Extractor ║ ║ Pattern: inurl:index.php?id=X shop ║ ╚══════════════════════════════════════════╝ """)
